This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa File: a84526d7-5029-439b-9e16-14cd601eb5a1.roa (raw, json) Hash identifier: op2q/WwrDop2QkNTPEcDD3/sXtvcrXHZViX9oGhTSsY= Subject key identifier: 30:92:BC:70:7F:95:31:79:59:4C:DE:11:A2:9E:5A:DE:9A:23:16:7E Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 377A67435B45CAC0318B9FECFCE47AFDD0266D54 Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa Signing time: Wed 10 Dec 2025 06:31:11 +0000 ROA not before: Wed 10 Dec 2025 06:31:11 +0000 ROA not after: Tue 10 Mar 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d000:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:7a:67:43:5b:45:ca:c0:31:8b:9f:ec:fc:e4:7a:fd:d0:26:6d:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Dec 10 06:31:11 2025 GMT Not After : Mar 10 23:59:59 2026 GMT Subject: serialNumber=5f3feffe69ae29b6d3ad73c945925626885e50318cdb1c62aa0b99d468bac65b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e5:33:f2:30:1d:fc:8a:cc:36:0d:8f:6a:7d: 67:39:91:3a:46:f4:c6:43:db:31:08:d7:80:f1:c4: 06:4a:c5:1b:74:e4:a6:d7:4e:64:8b:6b:0d:3b:63: 12:01:dc:77:e8:3e:18:cd:76:ab:e3:ba:5b:71:9a: 61:27:22:0f:12:96:2d:a1:98:0e:b8:fb:25:89:28: 17:81:ce:30:fc:4c:19:3a:5a:8d:f9:6f:c7:49:1f: 1a:40:f7:3e:a3:6e:99:10:fc:95:35:0c:3c:e5:f6: fa:b1:1c:60:0b:3d:a3:a3:96:f5:40:61:9d:d2:d6: 87:12:df:47:6f:a1:8f:71:b8:bd:71:20:67:09:0e: 02:5e:bf:83:30:22:d6:fb:6f:aa:d4:29:80:dd:4f: 26:11:98:c5:74:a9:2c:d7:24:16:c3:f5:3c:90:0d: 6a:16:41:66:99:fa:21:de:61:01:c5:d7:27:d1:d5: f7:3e:45:54:10:e6:07:34:3f:1b:5c:f9:c9:1a:5f: 15:d9:50:13:10:70:46:31:64:4d:b6:43:91:39:df: f8:b3:f8:cd:9f:32:c8:44:7e:e3:2e:a0:db:a8:5c: dd:94:99:8d:59:f6:84:67:67:09:f4:4e:f0:d4:bc: 9d:86:b1:12:4b:88:d2:34:6e:1c:73:5d:4b:26:19: 8a:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:92:BC:70:7F:95:31:79:59:4C:DE:11:A2:9E:5A:DE:9A:23:16:7E X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a84526d7-5029-439b-9e16-14cd601eb5a1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d000:6080::/48 Signature Algorithm: sha256WithRSAEncryption 71:3b:5c:f2:75:b9:d9:6a:07:16:60:8b:ba:27:24:e1:e7:6e: 5a:74:f7:09:2e:d4:f0:46:98:ea:2f:a0:b0:cf:b8:cf:64:d0: e3:94:cb:42:6f:f8:83:e7:61:f3:bc:7e:2b:fc:9c:f2:64:73: f0:90:31:d2:c2:b2:c9:95:1d:bf:cc:99:62:99:09:20:68:7c: 38:67:e5:b8:be:de:56:3e:64:7b:c3:d2:e5:33:28:bf:1a:91: d9:db:a4:92:2a:b5:47:3d:1c:e3:ec:df:70:b0:2e:61:f2:c2: b9:54:8c:c0:22:aa:87:2f:79:90:fb:0d:6a:b5:e3:90:3c:77: 6e:d3:e7:37:c3:e8:ec:97:bd:82:a3:a9:1c:89:10:24:42:94: 63:a8:76:6b:46:1d:49:63:5a:c6:2a:a7:91:91:0d:43:d2:2a: fa:39:41:c5:14:68:41:c0:db:91:d6:1e:7c:24:14:08:e4:de: 6f:fb:ea:85:8b:5d:9b:f9:31:32:39:48:b8:cb:fc:9b:9c:ee: 96:70:a6:18:af:19:f8:89:35:40:fd:2d:b3:a1:87:8b:9b:95: 5c:6f:e7:65:ff:76:79:5c:e2:73:5c:41:36:21:22:14:8a:2a: c5:db:d5:a8:2e:52:6b:b4:14:44:4e:56:e8:5d:92:ac:61:00: 21:47:9f:38 -----BEGIN CERTIFICATE----- MIIFYTCCBEmgAwIBAgIUN3pnQ1tFysAxi5/s/OR6/dAmbVQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4 NDk5NzBiYzAeFw0yNTEyMTAwNjMxMTFaFw0yNjAzMTAyMzU5NTlaMHoxSTBHBgNV BAUTQDVmM2ZlZmZlNjlhZTI5YjZkM2FkNzNjOTQ1OTI1NjI2ODg1ZTUwMzE4Y2Ri MWM2MmFhMGI5OWQ0NjhiYWM2NWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALflM/IwHfyKzDYNj2p9ZzmROkb0xkPbMQjXgPHEBkrFG3TkptdOZItrDTtj EgHcd+g+GM12q+O6W3GaYSciDxKWLaGYDrj7JYkoF4HOMPxMGTpajflvx0kfGkD3 PqNumRD8lTUMPOX2+rEcYAs9o6OW9UBhndLWhxLfR2+hj3G4vXEgZwkOAl6/gzAi 1vtvqtQpgN1PJhGYxXSpLNckFsP1PJANahZBZpn6Id5hAcXXJ9HV9z5FVBDmBzQ/ G1z5yRpfFdlQExBwRjFkTbZDkTnf+LP4zZ8yyER+4y6g26hc3ZSZjVn2hGdnCfRO 8NS8nYaxEkuI0jRuHHNdSyYZinECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQwkrxw f5UxeVlM3hGinlremiMWfjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1 bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv YTg0NTI2ZDctNTAyOS00MzliLTllMTYtMTRjZDYwMWViNWExLnJvYTCBiAYDVR0f BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5 Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ABg gDANBgkqhkiG9w0BAQsFAAOCAQEAcTtc8nW52WoHFmCLuick4eduWnT3CS7U8EaY 6i+gsM+4z2TQ45TLQm/4g+dh87x+K/yc8mRz8JAx0sKyyZUdv8yZYpkJIGh8OGfl uL7eVj5ke8PS5TMovxqR2dukkiq1Rz0c4+zfcLAuYfLCuVSMwCKqhy95kPsNarXj kDx3btPnN8Po7Je9gqOpHIkQJEKUY6h2a0YdSWNaxiqnkZENQ9Iq+jlBxRRoQcDb kdYefCQUCOTeb/vqhYtdm/kxMjlIuMv8m5zulnCmGK8Z+Ik1QP0ts6GHi5uVXG/n Zf92eVzic1xBNiEiFIoqxdvVqC5Sa7QURE5W6F2SrGEAIUefOA== -----END CERTIFICATE-----Generated at Fri Jan 2 09:28:25 2026 by rpki-client